Since Nintendo patched Wondertrade adding an encryption to the transmitted data, people from Project Pokemon have been working on a new way to dump PKX files (the new .pkm format for Pokémon X/Y). As for today (7/03/14) a tool for this has been made public, however there are some prerequisites that must be met:

If you own Pokémon X/Y in cartridge format:

Your 3DS must be on the OFW 6.3 or above

You must have a save dumper like PowerSaves 3DS (which is currently the only public way to dump save files from cartridges)

If you own Pokémon X/Y in digital format, you can simply get your save file from this directory in your SD card (save files made on Gateway 3DS' EmuNAND are compatible):
For Pokémon X:
X:\Nintendo 3DS\*random value*\*random value*\title\00040000\00055d00\data

Export your save. Locate your save on your PC. Rename the first save 16.bin or 16.sav, depending on its original extension. If you are using the downloaded copy of the game, remember to copy the save file to another location before renaming. Do not rename the save file on the SD Card.

Export your save. Locate your save on your PC and rename the second save 26.bin or 26.sav, depending on its original extension.

Run KeySav. On the "Box Breaker" tab, click on "Open SAV 1" and load 26.bin or 26.sav. Click on "Open SAV 2" and load 16.bin or 16.sav. Click on "Break".

Click on "K1", "K2" and "Blank" to save the files. Store those somewhere safe.

Mass Dumper
Mass Dumper allows you to dump PKX files from your save file by using the Blank.ekx obtained with KeySAV, along with the Key - Box1.bin and Key - Box2.bin files, which work as keys to read the BOX 1 and BOX 2 of your save file respectively.

Just select the save file you want to be read, the Blank.ekx, one of the keys ("Key - Box1.bin" for BOX 1 or "Key - Box2.bin" for BOX 2) for the Concat Key option, making sure to also select the same number of box for the "Key Starts" option and an choose "Truck" to dump the PKX files.

However, there's a inconvenience with this tool since the output files have .ek6 and .pk6 extensions, instead of the standard .ekx and .pkx extensions, so the extension of the files must be changed in order to be used with PKX viewer/editor tools; this can be done with cmd in Windows.

Just go to the path where the .pk6 or .ek6 files are stored and use the "ren" command as it is shown in the image of the above.

Outdated information:

Warning: Spoilers inside!

EDIT: Since the 1.2 update now encrypts the wondertrade data (and since the update is obligatory for online), this project will be pretty much dead,unless someone figures how to decrypt the information.

Good news for the pokehacking community! Codemonkey85 from http://projectpokemon.org and Zaneris have released very useful applications to dump and modify your own Pokémon on a PC. This means you can get the data of your Pokémon from the 3DS to a PC.

PKX Editor

Created by Codemonkey85. The image is self-explanatory, those are the editable values available at the moment.

Instead of PKM, the new extension for these files in Pokémon X and Pokémon Y is called now PKX. Normally, these files are extracted as encrypted data, so they receive the .pkx extension after being decrypted. This program is able to decrypt and encrypt back PKX files: Files with the extension .bin are assumed as encrypted, and .pkx files are assumed as decrypted.

Automatic PKX Dumper

Created by Zaneris. This can dump the data of your traded Pokemon to your PC without the need of following tedious steps, however, a proper physical set up is needed for this.

IMPORTANT: There is no possible (actually public) way to get a Pokémon back to the 3DS, so this currently only works to copy the data of any Pokémon sent through Wondertrade to the PC but not the other way around.

*Use a program to analyse the network traffic in hexadecimal format while doing a Wondertrade. Wireshark works fine for sniffing the data (tutorial for Wireshark). Select your hostpot to capture the packets. After finishing the Wondertrade, you will get a bunch of packets. To identify the packets we are looking for, just sort the data by Length and it's likely that the second and third packets are the correct ones. Save both packets (or only the one sent if you want) selecting the whole packet by clicking on "Frame" and then File -> Export selected packet bytes and save them as .bin files
To identify which was sent and which was received, check the source and destination.

Note: Ettercap, windivert, winpkfilter (for Windows) may be used to inject the final data back to the 3DS as well as HexInject (for Linux). This has yet to be done because the calculation of the checksums hasn't been successful

*Find the encrypted Pokemon data inside the packets by opening them on a Hex Editor. It begins with 4 bytes followed by 2 bytes equal to zero, the full data must be 232 bytes.
(Thanks Zaneris for the hex data)
The first regular 4 bytes are underlined in green and the pair of bytes equal to zero are underlined in orange. Note that generally there won't be another pair of bytes equal to zero close to the beginning within the Pokemon data.
The header is inside the blue rectangle so the encrypted Pokemon is at offset 0x0067 and ends at 0x014E. If you didn't capture the header, the Pokemon will be at offset 0x003D and will end at 0x0124. After finding the data, save each Pokemon in a different file with the same extension (.bin).

The next part is still a work in progress
*After editing and re-encrypting the Pokemon by saving it as a .bin file, the received packets must be altered to include the new Pokemon. Having the received packets of the last Wondertrade, search for the encrypted Pokemon the same way as before and replace the HEX data.
*Inject the packets in another Wondertrade.

you don't. there is no way to inject pokemon into the game yet, I assume a gts spoofer like deal is needed as the saves cannot be edited.

Click to expand...

I hope they never make one. Hacked pokemon ruin online for me.
Interesting how quickly he cracked the pokemon data encryption and figured out the format though. Though the tool is still very incomplete and a lot of data is not editable and there are no move names.

Zaneris is making a proof of concept hack (#106) about transfering Pokemon by using Wondertrade. As far as I can understand, he's recording the network packets between the system and the server.

Click to expand...

Nintendo will fix this same way as they did the Wii Shop Channel user agent spoofing years ago, which is to use SSL. all it will take is a Pokemon X/Y 1.2 update that encrypts Wondertrade communications.

just because it's not encrypted doesn't mean it's not protected. getting a packet properly.. set up to make it across wonder trade takes more than just swapping in a different pkx. don't start freaking out just yet.

I wanna make a bunch of Level 1 Hoopas so I can troll these jerks posting Yveltals and Xenreas on the GTS for IMPOSSIBLE Pokemon. I did it with Platinum. I released the Pokemon I got in the trade as well, and the mons I traded to the jerks were named LOLHACKED!

Get over yourselves. Not everyone has the time to sit their ass down and raise a fucking perfect IV EV'd pokemon.

Click to expand...

2 Things, you can't have perfect EV's, you can have ideal EV's (You'd have different EV's per moveset/nature). Second, IV's are not compulsory, playing non competitively doesn't require IV's. If you don't want to IV train the pokemon you shouldn't be playing competitively.

Personally, the hacking doesn't affect me since I actually have friends who play pokemon legitimately, but I can still sympathize with the people who play online competitively then get fucked over by hacked pokemon.